Astra Linux - уязвимость в open-vm-tools

A malicious actor who has been granted “Guest Operation Privileges” https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html can potentially elevate their privileges if the target virtual machine has been assigned a more privileged “Guest Alias...

Astra Linux - уязвимость в open-vm-tools

open-vm-tools contains a file descriptor hijacking vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...

Astra Linux – Vulnerability in open-vm-tools

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges, who has access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled, may exploit this vulnerability to escalate...

Unity Linux 20.1070a Security Update: open-vm-tools (UTSA-2026-007257)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007257 advisory. VMware Tools contains an insecure file handling vulnerability.A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigge...

Fedora: Security Advisory (FEDORA-2026-33c6aa1881)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : open-vm-tools (2026-55bb6efd14)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-55bb6efd14 advisory. Update to 13.0.10. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Alibaba Cloud Linux 3 : 0019: open-vm-tools (ALINUX3-SA-2026:0019)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0019 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-22247: VMware Tools contains an insecure...

open-vm-tools bug fix and enhancement update

An update is available for open-vm-tools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linu...

open-vm-tools bug fix and enhancement update

An update is available for open-vm-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Open Virtual Machine Tools are the open source implementation of th...

Security update of open-vm-tools (important)

openSUSE security update: security update of open-vm-tools ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20067-1 Rating: important References: bsc1250373 bsc1250692 Cross-References: CVE-2025-41244 CVSS scores: CVE-2025-41244 SUSE : 7.8...

Moderate: Red Hat Bug Fix Advisory: open-vm-tools bug fix and enhancement update

An update for open-vm-tools is now available for Red Hat Enterprise Linux 8. The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines...

MiracleLinux 7 : open-vm-tools-11.0.5-3.el7.7 (AXSA:2023-6398:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6398:07 advisory. open-vm-tools: SAML token signature bypass CVE-2023-20900 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : open-vm-tools-12.2.5-3.el9_3.2.ML.1 (AXSA:2024-7395:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7395:02 advisory. open-vm-tools: SAML token signature bypass CVE-2023-34058 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper...

MiracleLinux 8 : open-vm-tools-12.1.5-2.el8.3.ML.1 (AXSA:2023-6434:09)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6434:09 advisory. open-vm-tools: SAML token signature bypass CVE-2023-20900 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 7 : open-vm-tools-11.0.5-3.el7.4 (AXSA:2022-3809:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3809:03 advisory. open-vm-tools: local root privilege escalation in the virtual machine CVE-2022-31676 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : open-vm-tools-12.1.5-2.el8.ML.1 (AXSA:2023-6180:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6180:06 advisory. open-vm-tools: authentication bypass vulnerability in the vgauth module CVE-2023-20867 Tenable has extracted the preceding description block directly from th...

MiracleLinux 9 : open-vm-tools-12.1.5-1.el9.3.ML.1 (AXSA:2023-6439:10)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6439:10 advisory. open-vm-tools: SAML token signature bypass CVE-2023-20900 Tenable has extracted the preceding description block directly from the MiracleLinux security...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : open-vm-tools (SUSE-SU-2025:03434-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03434-1 advisory. - CVE-2025-41244: local privilege escalation via the Service Discovery Plugin bsc1250373. Tenable has...

Oracle Linux 9 : open-vm-tools (ELSA-2025-17428)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-17428 advisory. - ovt-Address-CVE-2025-41244.patch RHEL-117390 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...

Oracle Linux 10 : open-vm-tools (ELSA-2025-17429)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-17429 advisory. - ovt-Address-CVE-2025-41244.patch RHEL-117381 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note th...